Libsoup: heap use-after-free in libsoup message queue handling during http/2 read completion

...

sch_hfsc: make hfsc_qlen_notify() idempotent

...

SUSE CVE-2025-68289

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: feem: Fix memory leak in eemunwrap The existing code did not handle the failure case of usbepqueue in the command path, potentially leading to memory leaks. Improve error handling to free all allocated resources on...

CVE-2025-68325 net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop

In the Linux kernel, the following vulnerability has been resolved: net/sched: schcake: Fix incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cakeenqueue, assumes that the parent qdisc will enqueue t...

CVE-2025-68325 net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop

In the Linux kernel, the following vulnerability has been resolved: net/sched: schcake: Fix incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cakeenqueue, assumes that the parent qdisc will enqueue t...

CVE-2025-68325

In the Linux kernel, the following vulnerability has been resolved: net/sched: schcake: Fix incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cakeenqueue, assumes that the parent qdisc will enqueue t...

CVE-2025-68325

In the Linux kernel, the following vulnerability has been resolved: net/sched: schcake: Fix incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cakeenqueue, assumes that the parent qdisc will enqueue t...

CVE-2025-68323

CVE-2025-68323 concerns a Linux kernel use-after-free in usb: typec: ucsi (uec->work). The issue arises when a delayed work item scheduled in gaokun_ucsi_probe() is not canceled on gaokun_ucsi_remove(), allowing use-after-free of ucsi/gaokun_ucsi structures while a worker may still run or be q...

SUSE CVE-2025-68307

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a miscalculation of the schcake queue length, which could lead to a null pointer dereference...

nvme: fix admin request_queue lifetime

...

kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails

A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...

libsoup: Heap Use-After-Free in libsoup message queue handling during HTTP/2 read completion

A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed twice due to missin...

SUSE CVE-2025-68209

In the Linux kernel, the following vulnerability has been resolved: mlx5: Fix default values in create CQ Currently, CQs without a completion function are assigned the mlx5addcqtotasklet function by default. This is problematic since only user CQs created through the mlx5ib driver are intended to...

SUSE CVE-2025-68223

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeonfenceprocess in issignaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fenceops::signaled can be called with the fence lock in unkno...

SUSE CVE-2025-68232

In the Linux kernel, the following vulnerability has been resolved: veth: more robust handing of race to avoid txq getting stuck Commit dc82a33297fc "veth: apply qdisc backpressure on full ptrring to reduce TX drops" introduced a race condition that can lead to a permanently stalled TXQ. This was...

SUSE CVE-2025-68234

In the Linux kernel, the following vulnerability has been resolved: iouring/cmdnet: fix wrong argument types for skbqueuesplice If timestamp retriving needs to be retried and the local list of SKB's already has entries, then it's spliced back into the socket queue. However, the arguments for the...

SUSE CVE-2025-68265

In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin requestqueue lifetime The namespaces can access the controller's admin requestqueue, and stale references on the namespaces may exist after tearing down the controller. Ensure the admin requestqueue is active by...

IBM MQ 9.1 < 9.1.0.33 LTS / 9.2 < 9.2.0.40 LTS / 9.3 < 9.3.0.36 LTS / 9.3 < 9.4.4.1 CD / 9.4 < 9.4.0.17 LTS / 9.4.4.1 (7254158)

The version of IBM MQ Server running on the remote host is affected by multiple vulnerabilities as referenced in the 7254158 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions tha...

EUVD-2025-203773

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...